Threat actors exploit underground markets by purchasing or selling stolen data, malware, and hacking tools to facilitate cybercrime.
These underground markets provide the following key facilities among threat actors that fuel the growth of cyber threats:-
Cybersecurity researchers at Zerofox recently discovered a new underground market dubbed, OLVX (olvx[.]cc) found to be advertising a wide variety of hacking tools for illicit activities.
OLVX launched on July 1, 2023, and since then, it has offered several illicit tools and services to threat actors.
Unlike other markets, OLVX concentrates on aiding cybercriminals with tools for data theft during the 2023 holiday retail rush.
ZeroFox found a significant spike in OLVX marketplace activity in fall 2023, where more items sold, and buyers rushed to a new store.
Investigation reveals OLVX stems from leaked OLUX code (2020/2021). Though OLUX code is outdated, post-leak stores use improved versions. OLVX hides on Cloudflare for web hosting and better accessibility.
OLVX, not on the dark web, uses SEO and forums for customer growth. Prioritizing service, it operates a Telegram channel for support. Strong customer relationships boost OLVX’s reputation and profits.
Admins partner with cybercriminals for custom toolkits, expanding offerings. Unlike others, OLVX skips escrow and opts for direct crypto payments.
Customers maintain a balance for transactions, increasing sales, and besides this, “Top-off” instructions are given via a time-limited crypto address when funds run low.
Here below, we have mentioned all the items that were sold on the OLVX underground marketplace:-
OLVX hides hosting with Cloudflare and advertises DDoS protection via Simple Carrier LLC, which is known for sketchy content hosting.
OLVX and similar marketplaces thrive as cybercriminal hubs during the holiday season, supplying tools for targeting campaigns.
As consumers shop, cyber threats escalate, with OLVX providing essential tools for criminals, making it the ‘most wonderful time of the year’ for illicit activities.
A critical authentication bypass vulnerability in SonicWall firewalls, tracked as CVE-2024-53704, is now being actively…
Researchers have identified a new backdoor malware, written in Go programming language, that leverages Telegram…
A recently discovered Python script has been flagged as a potential cybersecurity threat due to…
A website launched by Elon Musk's Department of Government Efficiency (DOGE) has been found to…
The notorious Lazarus Group, a North Korean Advanced Persistent Threat (APT) group, has been linked…
Job seekers have become the target of a sophisticated ransomware campaign in a recent cybersecurity…